package com.example.shiro.util;

import com.example.shiro.entity.SysMenuEntity;
import com.example.shiro.entity.SysRoleEntity;
import com.example.shiro.entity.SysUserEntity;
import com.example.shiro.service.SysMenuService;
import com.example.shiro.service.SysRoleService;
import com.example.shiro.service.SysUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

/**
 * @Description : 自定义Realm
 * @Author : Bruce Lee
 * @CreateTime : 2024/5/28
 */

public class MyRealm extends AuthorizingRealm {

    @Autowired
    private SysRoleService sysRoleService;

    @Autowired
    private SysMenuService sysMenuService;

    @Autowired
    private SysUserService sysUserService;


    /**
     * 授权
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        SysUserEntity user = (SysUserEntity) principalCollection.getPrimaryPrincipal();
        // 1、获取用户角色
        List<SysRoleEntity> sysRoleList = sysRoleService.selectSysRoleByUserId(user.getUserId());
        for (SysRoleEntity sysRoleEntity : sysRoleList) {
            simpleAuthorizationInfo.addRole(sysRoleEntity.getRoleName());
        }

        // 2、根据用户角色获取用户权限
        sysRoleList.forEach(sysRoleEntity -> {
            List<SysMenuEntity> sysMenuEntities = sysMenuService.selectSysMenuByRoleId(sysRoleEntity.getRoleId());
            sysMenuEntities.forEach(sysMenuEntity -> {
                simpleAuthorizationInfo.addStringPermission(sysMenuEntity.getPerms());
            });
        });

        return simpleAuthorizationInfo;
    }


    /**
     * 认证
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // authenticationToken由登录接口传递过来的  UsernamePasswordToken token = new UsernamePasswordToken(sysUserEntity.getUsername(), sysUserEntity.getPassword());
        String token = (String) authenticationToken.getPrincipal();
        SysUserEntity user = sysUserService.selectUserByName(token);
        if (user == null) {
            throw new AuthenticationException();
        }
        if (user.getState() == null || user.getState().equals("PROHIBIT")) {
            throw new LockedAccountException();
        }
        //
        return new SimpleAuthenticationInfo(user, user.getPassword(), user.getUsername());
        // 密码验证
//        return new SimpleAuthenticationInfo(user, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), user.getUsername());
    }
}
